GHSA-37J7-FG3J-429F Happy DOM: VM Context Escape can lead to Remote Code Execution
Escape of VM Context gives access to process level functionality Summary Happy DOM v19 and lower contains a security vulnerability that puts the owner system at the risk of RCE Remote Code Execution attacks. A Node.js VM Context is not an isolated environment, and if the user runs untrusted...